1. Technical Field
The present disclosure relates to object verification and more specifically to verifying the integrity of a digital object obtained from a remote host.
2. Introduction
As the Internet becomes an integral part of people's lives, more and more content on personal computers is obtained via Internet download. This is advantageous in that users are able to quickly and easily obtain access to a wide variety of content. However, it also leads to a plethora of potential security risks that deter many users from downloading legitimate content. For example, when a user downloads content from a website the user has to trust that the content will not harm their computer or improperly access data. In this scenario, many users will base their trust on the perceived origin of the content.
One approach to increasing a user's level of trust for an object obtained from a remote source is to include a digital certificate with the object. A digital certificate provides at least a minimal level of assurance due to the fact that a certification authority issues it and the user's system can authenticate it prior to accessing the object. However, even though the certificate is authenticated, the user must still make a decision as to whether they trust the certificate.
One method for conducting the verification is to present the user with a dialog box seeking permission to use the object. Such a dialog box presents information regarding the validity of the certificate. Additionally, the dialog box might contain an option to “always allow” a particular object. As long as nothing changes about the object, the user can reuse the object without encountering the dialog box again. When certain features of the object change, the user is once again presented with the dialog box to provide notification of the change and to verify that the object's use is permitted on the system. This method of verification fails when other aspects associated with the object change, potentially exposing computer users to security risks.